From 25757b0fffc284dd01578279881cbc0c90b62752 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Fri, 19 Sep 2014 14:03:05 +0200
Subject: [PATCH] A simple feeder script feeding data from pystemon to AIL.
The configuration matches the default Redis parameters used in the pystemon configuration.
https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
---
 bin/feeder/pystemon-feeder.py | 50 ++++++++++++++++++++++++++++++++++
 bin/packages/config.cfg.sample | 2 ++
 2 files changed, 52 insertions(+)
 create mode 100644 bin/feeder/pystemon-feeder.py
diff --git a/bin/feeder/pystemon-feeder.py b/bin/feeder/pystemon-feeder.py
new file mode 100644
index 00000000..1a9088b3
--- /dev/null
+++ b/bin/feeder/pystemon-feeder.py
@@ -0,0 +1,50 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# This file is part of AIL framework - Analysis Information Leak framework
+#
+# This a simple feeder script feeding data from pystemon to AIL.
+#
+# Don't forget to set your pystemonpath and ensure that the
+# configuration matches this script. Default is Redis DB 10.
+#
+# https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Copyright (c) 2014 Alexandre Dulaunoy - a@foo.be
+
+
+import zmq
+import random
+import sys
+import time
+import redis
+import base64
+
+port = "5556"
+pystemonpath = "/home/pystemon/pystemon/"
+
+context = zmq.Context()
+socket = context.socket(zmq.PUB)
+socket.bind("tcp://*:%s" % port)
+
+# check https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
+r = redis.StrictRedis(host='localhost', db=10)
+
+# 101 pastes processed feed
+# 102 raw pastes feed
+
+while True:
+ time.sleep(1)
+ topic = 101
+ paste = r.lpop("pastes")
+ if paste is None:
+ continue
+ socket.send("%d %s" % (topic, paste))
+ topic = 102
+ messagedata = open(pystemonpath+paste).read()
+ socket.send("%d %s %s" % (topic, paste, base64.b64encode(messagedata)))
diff --git a/bin/packages/config.cfg.sample b/bin/packages/config.cfg.sample
index f274fc55..76e23faa 100644
--- a/bin/packages/config.cfg.sample
+++ b/bin/packages/config.cfg.sample
@@ -38,6 +38,8 @@ db = 1
 # PUB / SUB : ZMQ
 [Feed]
+# if you use the pystemon-feeder.py change the configuration
+# where the feeder is listening. Usually it's 127.0.0.1:5556
 adress = tcp://crf.circl.lu:5556
 topicfilter = 102
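Review bot: The name popped from the Redis `pastes` list is concatenated straight into `open(pystemonpath+paste)` in the `while True` loop of pystemon-feeder.py, so an entry containing `../` makes the feeder read a file outside the pystemon tree and publish its contents on topic 102, and a missing or unreadable file raises and ends the loop. Resolving the path, checking that it stays under `pystemonpath`, and skipping entries that cannot be read would close both; this needs `import os` next to the other imports. The socket is also bound with `tcp://*`, which offers the feed on every interface, while the comment this commit adds to config.cfg.sample says the feeder usually listens on 127.0.0.1:5556; `socket.bind("tcp://127.0.0.1:%s" % port)` would keep it local unless remote subscribers are intended.

```python
while True:
    # … unchanged: sleep, lpop from "pastes" and the None check …
    root = os.path.realpath(pystemonpath)
    target = os.path.realpath(os.path.join(root, paste))
    if not target.startswith(root + os.sep):
        continue  # name from Redis resolves outside the pystemon tree
    try:
        with open(target) as f:
            messagedata = f.read()
    except IOError:
        continue  # missing or unreadable file: skip it, keep the feeder running
    # … unchanged: the two socket.send calls for topics 101 and 102 …
```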